mirror of
https://github.com/ivuorinen/actions.git
synced 2026-01-26 11:34:00 +00:00
103 lines
3.3 KiB
YAML
103 lines
3.3 KiB
YAML
# yaml-language-server: $schema=https://json.schemastore.org/github-action.json
|
|
# permissions:
|
|
# - contents: write # Required for git configuration and operations
|
|
---
|
|
name: Set Git Config
|
|
description: 'Sets Git configuration for actions.'
|
|
author: 'Ismo Vuorinen'
|
|
|
|
branding:
|
|
icon: git-commit
|
|
color: gray-dark
|
|
|
|
inputs:
|
|
token:
|
|
description: 'GitHub token for authentication'
|
|
required: false
|
|
default: ${{ github.token }}
|
|
username:
|
|
description: 'GitHub username for commits.'
|
|
default: 'github-actions'
|
|
email:
|
|
description: 'GitHub email for commits.'
|
|
default: 'github-actions@github.com'
|
|
is_fiximus:
|
|
description: 'Whether to use the Fiximus bot.'
|
|
required: false
|
|
default: 'false'
|
|
|
|
outputs:
|
|
token:
|
|
description: 'GitHub token.'
|
|
value: ${{ steps.bot.outputs.token }}
|
|
username:
|
|
description: 'GitHub username for commits.'
|
|
value: ${{ steps.bot.outputs.username }}
|
|
email:
|
|
description: 'GitHub email for commits.'
|
|
value: ${{ steps.bot.outputs.email }}
|
|
is_fiximus:
|
|
description: 'Whether to use the Fiximus bot.'
|
|
value: ${{ steps.bot.outputs.is_fiximus }}
|
|
|
|
runs:
|
|
using: composite
|
|
steps:
|
|
- name: Check for FIXIMUS_TOKEN
|
|
id: bot
|
|
shell: bash
|
|
env:
|
|
INPUT_TOKEN: ${{ inputs.token }}
|
|
INPUT_USERNAME: ${{ inputs.username }}
|
|
INPUT_EMAIL: ${{ inputs.email }}
|
|
INPUT_IS_FIXIMUS: ${{ inputs.is_fiximus }}
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
# Use printf to safely write outputs (prevents injection)
|
|
printf 'token=%s\n' "${INPUT_TOKEN}" >> "$GITHUB_OUTPUT"
|
|
printf 'username=%s\n' "${INPUT_USERNAME}" >> "$GITHUB_OUTPUT"
|
|
printf 'email=%s\n' "${INPUT_EMAIL}" >> "$GITHUB_OUTPUT"
|
|
printf 'is_fiximus=%s\n' "${INPUT_IS_FIXIMUS}" >> "$GITHUB_OUTPUT"
|
|
|
|
# Determine final values
|
|
FINAL_TOKEN="$INPUT_TOKEN"
|
|
FINAL_USERNAME="$INPUT_USERNAME"
|
|
FINAL_EMAIL="$INPUT_EMAIL"
|
|
|
|
if [ "$INPUT_IS_FIXIMUS" != "false" ]; then
|
|
FINAL_USERNAME="fiximus"
|
|
FINAL_EMAIL="github-bot@ivuorinen.net"
|
|
printf 'username=%s\n' "fiximus" >> "$GITHUB_OUTPUT"
|
|
printf 'email=%s\n' "github-bot@ivuorinen.net" >> "$GITHUB_OUTPUT"
|
|
fi
|
|
|
|
# Write validated values to GITHUB_ENV for safe use in subsequent steps
|
|
{
|
|
echo "VALIDATED_GIT_TOKEN=$FINAL_TOKEN"
|
|
echo "VALIDATED_GIT_USERNAME=$FINAL_USERNAME"
|
|
echo "VALIDATED_GIT_EMAIL=$FINAL_EMAIL"
|
|
} >> "$GITHUB_ENV"
|
|
|
|
- name: Configure Git
|
|
shell: bash
|
|
run: |-
|
|
set -euo pipefail
|
|
# Use validated environment variables from GITHUB_ENV
|
|
GITHUB_TOKEN="$VALIDATED_GIT_TOKEN"
|
|
GIT_USERNAME="$VALIDATED_GIT_USERNAME"
|
|
GIT_EMAIL="$VALIDATED_GIT_EMAIL"
|
|
|
|
# Store token in variable to avoid repeated exposure
|
|
TOKEN="$GITHUB_TOKEN"
|
|
|
|
git config --local --unset-all http.https://github.com/.extraheader || true
|
|
git config --local \
|
|
--add "url.https://x-access-token:${TOKEN}@github.com/.insteadOf" \
|
|
"https://github.com/"
|
|
git config --local \
|
|
--add "url.https://x-access-token:${TOKEN}@github.com/.insteadOf" \
|
|
'git@github.com:'
|
|
git config --local user.name "$GIT_USERNAME"
|
|
git config --local user.email "$GIT_EMAIL"
|